From: "Roger Pau Monné" <roger.pau@citrix.com>
To: Andrew Cooper <andrew.cooper3@citrix.com>,
xen-devel@lists.xenproject.org
Cc: Kevin Tian <kevin.tian@intel.com>,
Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>,
Eddie Dong <eddie.dong@intel.com>,
Jan Beulich <jbeulich@suse.com>,
Aravind Gopalakrishnan <Aravind.Gopalakrishnan@amd.com>,
Jun Nakajima <jun.nakajima@intel.com>,
Boris Ostrovsky <boris.ostrovsky@oracle.com>
Subject: Re: [PATCH v2] xen/pvh: use a custom IO bitmap for PVH hardware domains
Date: Wed, 29 Apr 2015 17:51:20 +0200 [thread overview]
Message-ID: <5540FDF8.5080402@citrix.com> (raw)
In-Reply-To: <5540E042.70500@citrix.com>
El 29/04/15 a les 15.44, Andrew Cooper ha escrit:
> On 29/04/15 12:05, Roger Pau Monné wrote:
>> El 29/04/15 a les 2.38, Andrew Cooper ha escrit:
>>>
>>>> +
>>>> + if ( is_pvh_domain(d) )
>>>> + {
>>>> + for ( i = 0; i < 0x10000; i++ )
>>>> + /* NB: 0xcf8 has special treatment so we need to trap
>>>> it. */
>>> Why? (and irrespective of my question, cf8 expects a 4 byte access, and
>>> surely cfc would need similar treatment?)
>> 0xcfc-0xcff is already added to ioports_deny_access in construct_dom0. I
>> have no idea why 0xcf8 needs this special treatment, but Linux PVH fails
>> to enumerate PCI devices if Xen is not set to trap accesses to 0xcf8
>> (FreeBSD seems to be fine, either with 0xcf8 trapped or not).
>
> Sorry for the noise on v3. I replied before seeing this reply.
>
> cf8/cfc are used as an indirect pair for access to PCI config space.
> They must be strictly be controlled by a single entity in a system, or
> dom0 and Xen can race and interfere with each other. As a result,
> permissions for cf8/cfc must never be set in the IO bitmap.
Ack, that's why I decided to add 0xcf8-0xcfa to the list of blocked
ports in v3 after looking at guest_io_write/admin_io_ok.
> There are other indirect pairs which need similar treatment.
Yes, I see there is at least another similar case related to RTC. I will
look into cleaning admin_io_ok and guest_io_{write/read} in next version.
Thanks, Roger.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
prev parent reply other threads:[~2015-04-29 15:51 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-28 15:44 [PATCH v2] xen/pvh: use a custom IO bitmap for PVH hardware domains Roger Pau Monne
2015-04-29 0:38 ` Andrew Cooper
2015-04-29 11:05 ` Roger Pau Monné
2015-04-29 13:44 ` Andrew Cooper
2015-04-29 15:51 ` Roger Pau Monné [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5540FDF8.5080402@citrix.com \
--to=roger.pau@citrix.com \
--cc=Aravind.Gopalakrishnan@amd.com \
--cc=andrew.cooper3@citrix.com \
--cc=boris.ostrovsky@oracle.com \
--cc=eddie.dong@intel.com \
--cc=jbeulich@suse.com \
--cc=jun.nakajima@intel.com \
--cc=kevin.tian@intel.com \
--cc=suravee.suthikulpanit@amd.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.